[jira] [Commented] (TOMEE-2068) Security Expection while depoying
[ https://issues.apache.org/jira/browse/TOMEE-2068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16053582#comment-16053582 ] Romain Manni-Bucau commented on TOMEE-2068: --- I guess you run with the security manager enabled. Therefore you need to tune the default catalina.policy to match the server runtime. We don't have yet a ready to use file for these cases (think there are some other tickets about it) > Security Expection while depoying > - > > Key: TOMEE-2068 > URL: https://issues.apache.org/jira/browse/TOMEE-2068 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.0.2 >Reporter: Magesh > > Hi, >We are getting security permission exception when we deploy our EJB > application in Tomee-plus-7.0.2 , the error gets resolved only if we add the > below parameter as a system variable. Please let us know how to resolve this > without adding the parameter. > -Djavax.security.jacc.policy.provider=sun.security.provider.PolicyFile -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (TOMEE-2068) Security Expection while depoying
[
https://issues.apache.org/jira/browse/TOMEE-2068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16053580#comment-16053580
]
Magesh commented on TOMEE-2068:
---
Hi,
We are getting the below exception when we run on security mode. Even after
adding the below permission we still get the same error. Only if we add the
above mentioned parameter , we are not getting any error.
Log:
79417 [http-nio-8080-exec-6] INFO tiles.TilesRequestProcessor - Tiles
definition factory found for request processor
''.java.security.AccessControlException: access denied
("java.lang.RuntimePermission" "setContextClassLoader") at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at
java.lang.Thread.setContextClassLoader(Thread.java:1467) at
org.apache.openejb.log.LoggerCreator$Get.exec(LoggerCreator.java:94) at
org.apache.openejb.log.LoggerCreator$Get.exec(LoggerCreator.java:105) at
org.apache.openejb.util.JuliLogStream.isWarnEnabled(JuliLogStream.java:61) at
org.apache.openejb.util.Logger.isWarningEnabled(Logger.java:425) at
org.apache.openejb.util.Logger.warning(Logger.java:646) at
org.apache.openejb.core.ThreadContext.enter(ThreadContext.java:62) at
org.apache.openejb.core.stateless.StatelessContainer.invoke(StatelessContainer.java:171)
at
org.apache.openejb.core.ivm.EjbHomeProxyHandler.create(EjbHomeProxyHandler.java:343)
at
org.apache.openejb.core.ivm.EjbHomeProxyHandler._invoke(EjbHomeProxyHandler.java:196)
at
org.apache.openejb.core.ivm.BaseEjbProxyHandler.invoke(BaseEjbProxyHandler.java:347)
at com.sun.proxy.$Proxy52.create(Unknown Source) at
org.apache.openejb.core.ivm.naming.BusinessLocalReference.getObject(BusinessLocalReference.java:36)
at org.apache.openejb.core.ivm.naming.IvmContext.lookup(IvmContext.java:176)
at org.apache.openejb.core.ivm.naming.IvmContext.lookup(IvmContext.java:292) at
org.apache.naming.NamingContext.lookup(NamingContext.java:827) at
org.apache.naming.NamingContext.lookup(NamingContext.java:173) at
org.apache.naming.SelectorContext.lookup(SelectorContext.java:163) at
javax.naming.InitialContext.lookup(InitialContext.java:417) at
travelsystem.presentation.util.EjbLocatorFacade.locate(EjbLocatorFacade.java:92)
at
travelsystem.presentation.util.EjbLocatorFacade.getUserService(EjbLocatorFacade.java:69)
at
travelsystem.presentation.util.LDAPUserHistoryCommand.execute(LDAPUserHistoryCommand.java:24)
at
travelsystem.presentation.util.UserHistoryUtility.checkHistory(UserHistoryUtility.java:28)
at
travelsystem.presentation.BIRequestProcessor.processActionPerform(BIRequestProcessor.java:27)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274) at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482) at
org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:622) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:729) at
sun.reflect.GeneratedMethodAccessor125.invoke(Unknown Source) at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497) at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282) at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279) at
java.security.AccessController.doPrivileged(Native Method) at
javax.security.auth.Subject.doAsPrivileged(Subject.java:549) at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314) at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:170)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:224)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:46)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:148)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:144)
at java.security.AccessController.doPrivileged(Native Method) at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:143)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at
sun.reflect.GeneratedMethodAccessor120.invoke(Unknown Source) at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497) at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282) at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279) at
java.security.AccessController.doPrivileged(Native Method) at
javax.security.auth.Subject.doAsPrivileged(Subject.java:549) at
[jira] [Commented] (TOMEE-2068) Security Expection while depoying
[ https://issues.apache.org/jira/browse/TOMEE-2068?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16053549#comment-16053549 ] Romain Manni-Bucau commented on TOMEE-2068: --- Hi [~magsun], first you should probably have another error before (like a resource not created). Then maybe try on tomee 7.0.3. If it doesnt help please share your configuration to let us reproduce it in a plain tomee. > Security Expection while depoying > - > > Key: TOMEE-2068 > URL: https://issues.apache.org/jira/browse/TOMEE-2068 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.0.2 >Reporter: Magesh > > Hi, >We are getting security permission exception when we deploy our EJB > application in Tomee-plus-7.0.2 , the error gets resolved only if we add the > below parameter as a system variable. Please let us know how to resolve this > without adding the parameter. > -Djavax.security.jacc.policy.provider=sun.security.provider.PolicyFile -- This message was sent by Atlassian JIRA (v6.4.14#64029)
